Hot stuff

Adobe issues emergency fix for Acrobat Reader flaw exploited in the wild (CVE-2026-34621)

Adobe issues emergency fix for Acrobat Reader flaw exploited in the wild (CVE-2026-34621) 2026-04-13 at 13:22 By Zeljka Zorz Adobe has pushed out an emergency security update for Adobe Acrobat Reader, patching a zero-day vulnerability (CVE-2026-34621) exploited in the wild since November 2025. About CVE-2026-34621 CVE-2026-34621 is a critical prototype pollution vulnerability – a type […]

Adobe issues emergency fix for Acrobat Reader flaw exploited in the wild (CVE-2026-34621) Read More »

ZeroID: Open-source identity platform for autonomous AI agents

ZeroID: Open-source identity platform for autonomous AI agents 2026-04-13 at 09:02 By Mirko Zorz ZeroID is an open-source identity platform that implements an identity and credentialing layer specifically for autonomous agents and multi-agent systems. The attribution problem The core issue ZeroID targets is attribution in agentic workflows. When an orchestrator agent spawns sub-agents to carry

ZeroID: Open-source identity platform for autonomous AI agents Read More »

Fixing vulnerability data quality requires fixing the architecture first

Fixing vulnerability data quality requires fixing the architecture first 2026-04-13 at 09:02 By Mirko Zorz In this Help Net Security interview, Art Manion, Deputy Director at Tharros, examines why vulnerability data across repositories stays inconsistent and hard to trust. The problem starts with systems not designed to collect or manage that data well. They introduce

Fixing vulnerability data quality requires fixing the architecture first Read More »

Bringing governance and visibility to machine and AI identities

Bringing governance and visibility to machine and AI identities 2026-04-13 at 07:32 By Mirko Zorz In this Help Net Security interview, Archit Lohokare, CEO of AppViewX, explains how the rise of AI marked a turning point where machine and AI agent identities began converging into a single problem. Drawing on his experience across IBM and

Bringing governance and visibility to machine and AI identities Read More »

ClickFix campaign delivers Mac malware via fake Apple page

ClickFix campaign delivers Mac malware via fake Apple page 2026-04-10 at 17:22 By Zeljka Zorz Security researchers at Jamf have uncovered a new ClickFix-style attack targeting Mac users via a fake Apple-themed webpage offering instructions on how to “reclaim disk space on your Mac”. The malicious page (Source: Jamf) ClickFix for everybody ClickFix is a

ClickFix campaign delivers Mac malware via fake Apple page Read More »

Health insurance lead sites sell personal data within seconds of form submission

Health insurance lead sites sell personal data within seconds of form submission 2026-04-10 at 08:57 By Mirko Zorz Lead generation websites that offer health insurance quotes collect sensitive personal data and sell it to multiple buyers within seconds of a user clicking submit. A study by researchers at UC Davis, Stanford University, and Maastricht University

Health insurance lead sites sell personal data within seconds of form submission Read More »

What vibe hunting gets right about AI threat hunting, and where it breaks down

What vibe hunting gets right about AI threat hunting, and where it breaks down 2026-04-10 at 08:57 By Mirko Zorz In this Help Net Security interview, Aqsa Taylor, Chief Security Evangelist, Exaforce, explains vibe hunting, an AI-driven approach to threat detection that inverts traditional hypothesis-driven methods. Instead of analysts defining attack vectors upfront, the AI

What vibe hunting gets right about AI threat hunting, and where it breaks down Read More »

Claude helps researcher dig up decade-old Apache ActiveMQ RCE vulnerability (CVE-2026-34197)

Claude helps researcher dig up decade-old Apache ActiveMQ RCE vulnerability (CVE-2026-34197) 2026-04-09 at 16:17 By Zeljka Zorz In the latest demonstration of how AI assistants can help with bug hunting, Horizon3.ai researcher Naveen Sunkavally used Claude to unearth CVE-2026-34197, a remote code execution vulnerability in Apache ActiveMQ that’s been introduced in the codebase 13 years

Claude helps researcher dig up decade-old Apache ActiveMQ RCE vulnerability (CVE-2026-34197) Read More »

Acrobat Reader zero-day exploited in the wild for many months

Acrobat Reader zero-day exploited in the wild for many months 2026-04-09 at 15:44 By Zeljka Zorz Unknown attackers have exploited a zero-day Adobe Acrobat Reader vulnerability since November 2025 and possibly even earlier, security researcher Haifei Li has discovered. PDF files carry the exploit Haifei Li is one of the creators of EXPMON, a sandbox-based

Acrobat Reader zero-day exploited in the wild for many months Read More »

AI agent intent is a starting point, not a security strategy

AI agent intent is a starting point, not a security strategy 2026-04-09 at 08:53 By Mirko Zorz In this Help Net Security video, Itamar Apelblat, CEO of Token Security, walks through findings from the company’s research, which shows that 65% of agentic chatbots have never been used yet still hold live access credentials. He explains

AI agent intent is a starting point, not a security strategy Read More »

BlueHammer: Windows zero-day exploit leaked

BlueHammer: Windows zero-day exploit leaked 2026-04-08 at 23:29 By Zeljka Zorz A buggy but functional proof-of-concept (PoC) exploit for an unpatched Windows local privilege escalation vulnerability dubbed BlueHammer has been published on GitHub by someone who goes by the handle Chaotic Eclipse and Nightmare Eclipse. Several security researchers have fixed the bugs in the exploit

BlueHammer: Windows zero-day exploit leaked Read More »

Social engineering attacks on open source developers are escalating

Social engineering attacks on open source developers are escalating 2026-04-08 at 15:45 By Zeljka Zorz North Korean hackers spent weeks socially engineering an Axios maintainer through a fake Slack workspace, a cloned company identity, and a fabricated Microsoft Teams call that tricked him into installing a RAT posings as a software update. They used the

Social engineering attacks on open source developers are escalating Read More »

What managing partners should ask AI vendors before signing any contract

What managing partners should ask AI vendors before signing any contract 2026-04-08 at 09:28 By Mirko Zorz In this Help Net Security interview, Kumar Ravi is the Chief Security & Resilience Officer at TMF Group, argues that over-privileged access and weak workflow controls pose more danger than ransomware attacks, precisely because they accumulate quietly and

What managing partners should ask AI vendors before signing any contract Read More »

Anthropic’s new AI model finds and exploits zero-days across every major OS and browser

Anthropic’s new AI model finds and exploits zero-days across every major OS and browser 2026-04-08 at 08:12 By Anamarija Pogorelec Automated vulnerability discovery tools have existed for decades, and the gap between finding a bug and building a working exploit has always slowed attackers. That gap is now substantially narrower. Anthropic’s Claude Mythos Preview, a

Anthropic’s new AI model finds and exploits zero-days across every major OS and browser Read More »

The case for fixing CWE weakness patterns instead of patching one bug at a time

The case for fixing CWE weakness patterns instead of patching one bug at a time 2026-04-07 at 09:24 By Mirko Zorz In this Help Net Security interview, Alec Summers, MITRE CVE/CWE Project Lead, discusses how CWE is moving from a background reference into active use in vulnerability disclosure. More CVE records now include CWE mappings

The case for fixing CWE weakness patterns instead of patching one bug at a time Read More »

FortiClient EMS zero-day exploited, emergency hotfixes available (CVE-2026-35616)

FortiClient EMS zero-day exploited, emergency hotfixes available (CVE-2026-35616) 2026-04-04 at 17:39 By Zeljka Zorz Defused Cyber has spotted a critical Fortinet FortiClient Endpoint Management Server (EMS) zero-day vulnerability (CVE-2026-35616) being exploited in the wild. This time around, the confirmation of active exploitation came almost immediately from Fortinet, as well. “Fortinet has observed [CVE-2026-35616] to be

FortiClient EMS zero-day exploited, emergency hotfixes available (CVE-2026-35616) Read More »

Claude Code source leak exploited to spread malware

Claude Code source leak exploited to spread malware 2026-04-03 at 14:30 By Sinisa Markovic A source code leak involving Anthropic’s Claude Code tool quickly escalated into a cybersecurity threat, as attackers seized on the exposed files to lure developers into downloading malware disguised as “unlocked” versions of the software. Leaked Claude Code source code used

Claude Code source leak exploited to spread malware Read More »

Trivy supply chain attack enabled European Commission cloud breach

Trivy supply chain attack enabled European Commission cloud breach 2026-04-03 at 09:35 By Zeljka Zorz CERT-EU confirmed that ShinyHunters are behind the recent breach of the cloud infrastructure underpinning websites of the European Commission, and that they stole and subsequently leaked approximately 340 GB of data. “Analysis of the published dataset has so far confirmed

Trivy supply chain attack enabled European Commission cloud breach Read More »

Software supply chain hacks trigger wave of intrusions, data theft

Software supply chain hacks trigger wave of intrusions, data theft 2026-04-02 at 18:58 By Zeljka Zorz After linking the Axios npm supply chain attack to North Korean hackers, Google researchers warned that “hundreds of thousands of stolen secrets could potentially be circulating” as a result of this and the Trivy, KICS, LiteLLM, and Telnyx supply

Software supply chain hacks trigger wave of intrusions, data theft Read More »

Scroll to Top